Security

Security is core to our business, and yours.

Overview

Workplace is developed with security as a top priority. Workplace leverages the same best-in-class frameworks and infrastructure that help to secure consumer Facebook.

As a Workplace customer, you have the ability to secure your instance based on the needs of your business. This includes being able to grant granular permissions to particular users in your organization, controlling programmatic access to your content with API security, and enforcing single-sign on for everyone.

Admin Roles

Workplace administrators have access to account controls and system settings, so it's important to choose administrators carefully, and to limit administrator capabilities using administrator roles.

There are 4 different types of administrator roles that a user can belong to:

System Administrator

Manages all company data, including system settings, administration roles, content and accounts

Manages reported posts and messages across all groups

Adds and removes people from Workplace

Uses reports of company activity and individual accounts to drive growth

Content Moderator

Manages reported posts and messages across all groups

Adds and removes people from Workplace

Uses reports of company activity and individual accounts to drive growth

Account Manager

Adds and removes people from Workplace

Uses reports of company activity and individual accounts to drive growth

Analyst

Uses reports of company activity and individual accounts to drive growth

Management of users in any of these roles can be done within the Settings page of your Admin Panel.

Best Practice

It's best to have at least two users assigned with System Administrator roles on Workplace. This will allow for redundancy in securing the Workplace instance for vital maintenance tasks such as resetting API access token, configuration of SSO settings, ensuring users have the proper permissions for creating groups or editing their own profiles.

Authentication

Workplace uses proactive security measures from Facebook to protect user accounts authenticated by username and password.

However, if you're already using an enterprise-grade identity management solution, you can implement Single Sign On to add an additional layer of security to your Workplace community.

Authentication

API Security

Workplace provides an Account Management API for managing user accounts and a Graph API for managing groups membership, and content that exists within your instance.

Access and permissions to Workplace APIs are managed through applications and access tokens. Access tokens are the proverbial “keys” to the APIs and should be distributed and managed with care. The access tokens will only be displayed once at the time of creation. A system administrator also has the ability to reset an individual access token.

Additional information on how to get started with these APIs can be found in the Graph API Overview guide.

Graph API Overview

Security and Compliance Integrations

Workplace customers can meet their compliance, data security, threat protection, and legal eDiscovery requirements by leveraging one of our partners' products.

Security and Compliance Integrations

Trust and Security

Facebook takes security very seriously. Please visit our Trust Center to learn more about our philosophy on security, what type of security resources Workplace has implemented, as well as other available programs and tools which help to continually make Workplace more secure.

A SOC3 report on Workplace security controls and trust services criteria has been completed and published by an independent third-party auditor. This is available on our Trust Center.

Workplace Trust Center